Senior Pentester

As part of the strategy to protect commercially sensitive, proprietary data, the personal data of the employees, clients and prospective clients, our RBA (Risk & Business Assurance) Expertise Security sector is seeking a Penetration Tester/Ethical Hacker to help keep ASML’s infrastructure secure.

Introduction to the job 

As a Senior Penetration Tester you are responsible for conducting penetration tests upon (parts of) the ASML infrastructure and used software to test the effectiveness of the current security controls and to check the adherence to the compliance requirements.

Our penetration testing team is expanding quickly to accommodate increasing responsibilities, including conducting pentests and red team exercises.  As a new member, you will join a team tasked with performing penetration tests for IT and OT infrastructures, applications and products, as well as engaging in red and purple teaming activities. This team is a vital component of the Security Community at ASML which comprises approximately 250 FTE. Together with the rest of the community, you protect ASML’s assets and you’re at the center of everything that’s digitally exchanged.

In this role, you will integrate offensive security practices into penetration testing assessments, focusing on applications and infrastructure, to enhance ASML’s overall security posture.

Role and responsibilities

• You will be conducting external, internal and wireless network assessments as well as web and mobile application pentests, and pentests for SCADA/ICS/OT environments, SAP systems, and cloud environments;

• You will determine the scope and align upon the approach of the penetration testing with applicable stakeholders;

• Together with your team you will report and align on findings and set out concrete follow-up actions involving the proposition of corrective actions and re-assessments;

• Finetune process descriptions, methodologies, tools used and communication methods.

Having a proven experience in penetration testing, you are holding a key position in further developing our offensive security capabilities across ASML.

Education and experience

Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.

Some key competences that come natural to you in this position:

• Experience with security of IT/OT networks, servers, applications, mobile devices (iOS, Android), cloud environments, and SAP systems;

• Experience with at least one of the common scripting languages and in developing or modifying exploits, shellcode and exploit tools;

• Experience in technical report writing and ability to articulate the risks to both technical and non-technical audiences;

• Nice to have: experience in reverse engineering and hardware hacking.

Ideally, we are looking for someone who brings a strong technical background complemented by excellent communication skills and a collaborative team spirit, essential for managing internal stakeholders during pentests.

• Minimum of 3 to 5 years of relevant experience, preferably in a multinational corporate security environment and a proven record in penetration testing;

• Bachelor’s degree in a technical discipline (or equivalent work experience).

Other information

• Having an interest in adversary emulation, red teaming, hunting and automation is a plus to establish offensive capability within ASML.

• Holding a certificate of one or more of the followings:

  • Offensive Security Certified Professional (OSCP)

  • Offensive Security Web Expert (OSWE)

  • Offensive Security Certified Expert (OSCE)

  • Penetration Testing and Ethical Hacking/Purple Team SANS courses

If you don’t meet the above mentioned requirements, and you still feel your profile is a great match with  this job description, please apply and we’d like to get in touch.

This position requires access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.
EOE AA M/F/Veteran/Disability

This position requires access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.

Diversity and inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Need to know more about applying for a job at ASML? Read our frequently asked questions.